Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hbiyHk9fv963FNPhs4pTgXtXKe0.cer
File:                     hbiyHk9fv963FNPhs4pTgXtXKe0.cer (raw, json)
Hash identifier:          koyeE1tWtzvGA4SQvyinx0gm4VR3jgdeDdUGFf7ohX4=
Subject key identifier:   85:B8:B2:1E:4F:5F:BF:DE:B7:14:D3:E1:B3:8A:53:81:7B:57:29:ED
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856B631FED15035DB787BFC338A85474D4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/hbiyHk9fv963FNPhs4pTgXtXKe0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 03:32:16 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 185.212.115.0/24
                          IP: 2a12:ac0::/29

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 11:43:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:63:1f:ed:15:03:5d:b7:87:bf:c3:38:a8:54:74:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:32:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85b8b21e4f5fbfdeb714d3e1b38a53817b5729ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a3:5f:f8:32:05:a3:b6:eb:30:44:0b:48:21:
                    28:a2:df:83:74:a2:d0:7a:5b:52:dd:7a:d6:a3:c9:
                    d1:3f:f5:5c:8d:e4:10:41:0a:82:ec:64:b1:01:97:
                    2d:be:e3:d4:f6:c1:96:ac:06:54:02:72:4e:c5:e3:
                    14:75:76:3f:e4:0c:29:ec:8c:7a:14:f2:90:53:d2:
                    59:a2:2b:b7:d6:61:b0:37:74:41:91:b9:84:3e:6c:
                    9f:0d:8a:c7:ee:d1:2e:3f:b6:2d:30:92:09:97:f4:
                    85:61:e9:d1:c4:15:0b:c6:79:cc:86:b1:63:67:b2:
                    04:5a:59:b5:3a:a7:ef:5b:e1:73:8b:a9:f4:99:88:
                    7a:9d:a5:77:30:12:3a:80:3b:00:c1:ad:4c:f1:65:
                    22:1c:9f:28:4d:f7:ac:33:2c:f4:8a:6d:7b:40:8b:
                    91:a7:ac:fa:64:f3:68:03:05:3f:96:42:42:2c:14:
                    93:47:43:cb:15:f1:fa:88:b0:42:6e:1d:7e:9d:c6:
                    fe:c1:5c:8f:98:3a:00:26:72:d6:15:b6:72:c8:df:
                    c6:72:39:ba:b3:69:0c:cd:84:8f:a9:a0:cf:cd:b6:
                    ba:9c:a8:4f:3e:21:01:78:1b:be:08:fb:a0:d9:b0:
                    5f:1a:0f:51:ef:2d:5b:f4:08:97:98:91:06:01:4d:
                    a6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B8:B2:1E:4F:5F:BF:DE:B7:14:D3:E1:B3:8A:53:81:7B:57:29:ED
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/64829d-a344-44d2-9e9d-1dd67c32b06a/1/hbiyHk9fv963FNPhs4pTgXtXKe0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.115.0/24
                IPv6:
                  2a12:ac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4b:6f:0d:df:10:10:69:2d:28:f4:69:a1:87:9a:23:9e:24:dd:
         b8:7a:b8:11:5f:05:96:48:b9:7b:00:10:e0:11:f9:8e:ba:59:
         d7:7e:19:2c:cf:d4:6f:e5:0c:a8:f6:3f:06:2c:ea:0e:2a:62:
         ba:5b:51:1e:9b:67:5b:8c:83:81:da:22:d6:76:c5:e1:fd:b3:
         ec:be:b2:59:43:5e:43:5c:8b:90:6e:06:8e:fb:59:c7:10:e1:
         17:d0:ff:4b:35:52:f0:e2:5c:1f:03:e2:ca:0c:96:33:61:77:
         1d:f2:db:cb:c1:90:e6:99:80:67:ce:6b:f5:0f:cf:a2:4d:1b:
         c4:fa:0f:24:dc:c3:86:87:37:93:fd:b0:8e:33:f0:38:65:2b:
         e4:11:cb:07:51:3c:2d:ed:35:4c:57:43:57:b1:a5:55:17:39:
         be:a2:7d:b6:08:86:99:e0:43:a9:02:a4:f6:4c:d4:c6:d8:d5:
         98:8e:6a:15:49:00:4c:19:a2:59:92:05:95:0a:7b:c1:b6:3c:
         2f:91:09:90:9e:23:21:76:26:19:fd:3d:dd:5f:e6:35:0e:28:
         37:22:07:e4:fa:dd:c8:ae:c6:80:76:64:b3:f7:08:bb:ad:13:
         12:b4:a2:92:4f:50:2e:c3:41:de:ba:14:14:f5:99:9a:da:bb:
         ac:15:fa:ed
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVrYx/tFQNdt4e/wzioVHTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI4YjIxZTRmNWZiZmRlYjcxNGQzZTFiMzhhNTM4MTdiNTcyOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Nf+DIFo7brMEQLSCEoot+DdKLQ
eltS3XrWo8nRP/VcjeQQQQqC7GSxAZctvuPU9sGWrAZUAnJOxeMUdXY/5Awp7Ix6
FPKQU9JZoiu31mGwN3RBkbmEPmyfDYrH7tEuP7YtMJIJl/SFYenRxBULxnnMhrFj
Z7IEWlm1OqfvW+Fzi6n0mYh6naV3MBI6gDsAwa1M8WUiHJ8oTfesMyz0im17QIuR
p6z6ZPNoAwU/lkJCLBSTR0PLFfH6iLBCbh1+ncb+wVyPmDoAJnLWFbZyyN/Gcjm6
s2kMzYSPqaDPzba6nKhPPiEBeBu+CPug2bBfGg9R7y1b9AiXmJEGAU2mRwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFIW4sh5PX7/etxTT4bOKU4F7VyntMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E1LzY0ODI5
ZC1hMzQ0LTQ0ZDItOWU5ZC0xZGQ2N2MzMmIwNmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUvNjQ4Mjlk
LWEzNDQtNDRkMi05ZTlkLTFkZDY3YzMyYjA2YS8xL2hiaXlIazlmdjk2M0ZOUGhz
NHBUZ1h0WEtlMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAudRzMA0EAgACMAcDBQMqEgrAMA0GCSqGSIb3
DQEBCwUAA4IBAQBLbw3fEBBpLSj0aaGHmiOeJN24ergRXwWWSLl7ABDgEfmOulnX
fhksz9Rv5Qyo9j8GLOoOKmK6W1Eem2dbjIOB2iLWdsXh/bPsvrJZQ15DXIuQbgaO
+1nHEOEX0P9LNVLw4lwfA+LKDJYzYXcd8tvLwZDmmYBnzmv1D8+iTRvE+g8k3MOG
hzeT/bCOM/A4ZSvkEcsHUTwt7TVMV0NXsaVVFzm+on22CIaZ4EOpAqT2TNTG2NWY
jmoVSQBMGaJZkgWVCnvBtjwvkQmQniMhdiYZ/T3dX+Y1Dig3Igfk+t3IrsaAdmSz
9wi7rRMStKKST1Auw0HeuhQU9Zma2rusFfrt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:35 2024 by rpki-client on console-fra.rpki-client.org